CVE-2018-3646 in particular is alarming: "The third flaw, CVE-2018-3646, has a CVSS Base Score of 7.1 and enables bad actors to attack virtual machines (VM), via virtualization software and Virtual Machine Monitors (VMMs) running on Intel processors. A malicious guest VM could infer the values of data in the VMM’s memory."
Could potentially allow Untrusted VMs to attack safe VMs but I don't know for sure whether or not Qubes mitigates this. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b8c08313-4662-4c9e-a182-5dc83f48f4d5%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
